In December 2018, the video messaging service Dubsmash suffered a data breach. The incident exposed 162 million unique email addresses alongside usernames and PBKDF2 password hashes. In 2019, the data appeared listed for sale on a dark web marketplace (along with several other large breaches) and subsequently began circulating more broadly. The data was provided to HIBP by a source who requested it to be attributed to "BenjaminBlue@exploit.im".
Accounts breached: 161749950
Breached on: December 01, 2018
Exposed data: Email addresses, Geographic locations, Names, Passwords, Phone numbers, Spoken languages, and Usernames
Domain: dubsmash.com
Added on: February 25, 2019